Mar 29

Corero Network Security Press Release with M&S Tech Quoted

Corero Network Security PLC : Corero Network Security Drives Global Business With SecureWatch Partner Program

03/28/2012 | 05:38am

New SecureWatch partner program delivers rich rewards including demand generation, training initiatives and technical support.

HUDSON, MASS, LONDON, UK – March 28, 2012 – Corero Network Security (CNS: LN), the leading provider of Distributed Denial of Service (DDoS) defense  and Intrusion Prevention System (IPS) solutions, today unveiled SecureWatch, a global program created exclusively for Corero’s channel partners and distributors.

The Corero SecureWatch Partner Program enables channel partners and distributors to improve profitability by defending their customers against increasingly frequent and sophisticated cyber attacks, something many traditional security solutions are unable to do today.

As attackers adopt new weapons and methods such as low and slow DDoS attacks smoke screens to divert attention from more surreptitious attacks aimed at stealing data, new technology solutions are required.

Corero provides channels the rare opportunity to drive new security revenue through:

  • Development of migration strategies to next generation network security solutions to address advanced threats
  • Migration of first generation IPS solutions to Corero’s next generation IPS solution, featuring market leading malware and data breach protection
  • Unique on-premises DDoS defense solutions to protect against traditional network-layer DDoS attacks and specially crafted application-layer DDoS attacks, which conventional  cloud- and ISP-based services cannot stop.

“With SecureWatch, we’ve designed a program that cements our dedication to our partners and their success,” said Marty Meyer, CEO of Corero Network Security. “With cyber attackers increasingly launching DDoS attacks and leveraging sophisticated malware, enterprises need the most effective and comprehensive front-line protection available on the market, dedicated, expert support and trusted advisors who stand with them against those who would do harm to their customer’s business.

“Together, Corero and our partners deliver the products and services to ensure information security and uninterrupted business continuity.”

In addition to award-winning technology and competitive margins, channel partners also will benefit from Corero’s responsiveness and high touch. Highlights of the SecureWatch Partner Program include:

  • Qualified Lead Forwarding – Corero will deliver a managed partner lead program and provide assistance throughout the entire sales cycle for each new opportunity.
  • Guaranteed Margins – Corero will guarantee deal margins for partners who have registered their opportunities.
  • Registered Opportunity Protection – Corero will provide self serve support, discounts and promotions via its dedicated Partner Portal.
  • Training and Certification – Corero partners will benefit from technical and sales training to build expertise, including instructor-led training, web-based training and onsite sales training.
  • Marketing and Sales Support – Corero will offer competitive marketing development funds (MDF) to provide a variety of marketing and sales initiatives.

“This is an untapped market segment for anyone who sells security,” said Mark Miller, a partner at Texas-based M&S Technologies. “When we demonstrate Corero’s solutions to existing customers with other defense mechanisms in place, be it firewalls, first generation IPS or the like, Corero’s differentiated technology practically sells itself. In addition to developing the most advanced DDoS defense and next generation IPS solutions on the market, Corero is very responsive to our customer needs, supporting us at all stages of the sales cycle.”

To apply to join Corero’s SecureWatch Partner Program please visit:

Mar 23

Hacking and New Data Breach Study

When Hackers Want Much More Than Money

Insider attack data breaches are down in 2011, but hacktivist attacks, with motives beyond money, are up, reports Verizon 2012 Data Breach Investigations Report.

By Mathew J. Schwartz,  InformationWeek 
March 22, 2012

Call 2011 the year that hacktivism became the leading cause of data breaches.

Notably, 58% of all data stolen in 2011 didn’t go missing for monetary-gain purposes, as has traditionally been the case. Instead, it was obtained and leaked by hacktivist groups such as Anonymous and LulzSec.

That’s according to the 2012 Data Breach Investigations Report from Verizon, released Thursday. As in previous years, both the U.S. Secret Service and the Dutch National High Tech Crime Unit contributed data to the report. For the first time, however, the Australian Federal Police, the Irish Reporting & Information Security Service, and the Police Central e-Crime Unit of the London Metropolitan Police also contributed data from their investigations. All told, the report analyzed data from 855 incidents, involving 174 million compromised records.

Overall, the Verizon report found that 98% of attacks were caused by outsiders, although sometimes in collusion with insiders, who were involved in 4% of attacks, and business partners, who were involved in fewer than 1% of attacks.

Interestingly, about five years ago, previous Verizon data breach studies were reporting that about an equal number of attacks could be traced to insiders as well as outsiders. Since then, however, the number of losses traced to cyber criminals has increased, and in 2011, hacktivism came onto the scene in force. “We’re all seeing in the media the Occupy movement, Anonymous. There’s a big mentality shift where it used to be all about the money, and now we’re seeing a big shift where it’s not all about the money,” said Novak. “We’re seeing a lot of these hacktivist groups that are doing it purely for political or social reasons.”

Whether or not Anonymous and its ilk hold up a mirror to the poor state of IT security, as some industry watchers have said, such groups often face few obstacles. Notably, 96% of the attacks detailed in the Verizon report weren’t highly difficult, and 97% could have been easily avoided without needing to resort to difficult or expensive countermeasures. Furthermore, 79% of breached businesses were simply targets of opportunity.

Novak cautioned, however, that insider attacks are still a significant problem, and quantity-wise may not have changed significantly. But with the overall number of attacks and breached records reported to Verizon having increased dramatically, that’s skewed the percentages away from insider attacks.

As in previous years, the Verizon report found that cybercrime attacks are global in nature. Indeed, attacks launched in 2011 that resulted in breaches originated in at least 36 countries, versus just 22 countries in 2010. In 2011, the vast majority (70%) of attacks came from Eastern Europe, while just one-quarter were launched from the United States.

Attackers often favor a one-two punch. For starters, 81% of attacks and 99% of all compromised data involved hacking. But malware was also used in 69% of all attacks, and involved in 95% of compromised records.

Interestingly, this malware is rarely encountered by accident. “A lot of what we’re seeing is hackers getting in through some other means, then planting this malware,” said Novak. “So it’s no surprise that the malware is so good at getting this data out.” In terms of the “getting in” part, meanwhile, he said that exploiting weak credentials–including poor passwords–was the leading technique used by attackers, especially for smaller businesses. For larger businesses, meanwhile, attackers often installed keystroke loggers and password stealers, to make an end run around the network security defenses.

Another interesting finding is that attacks with a physical component that resulted in data breaches appeared to decline between 2010, when they’d spiked, and 2011, when fewer than 1% of compromised records, and just 10% of attacks, involved a physical component. What’s behind the apparent decrease? First, Verizon said that card-skimming attacks certainly haven’t gone away, and also that it’s oftentimes difficult to quantify the number of records that went missing as a result.

But Novak said the decline also seems to be due to law enforcement agencies catching more card-skimming gangs. In fact, given the traditional emphasis placed on physical–more than cyber–investigations, he said the expectation was that law enforcement agencies would simply be catching more people behind physical crimes that led to data breaches. But in fact, it appears that these physical crimes are declining. “The fact that we’re seeing physical go down, despite the fact that we have more law enforcement agencies reporting in, is one way we determined [that it's declining],” he said.

Cybercriminals shouldn’t breathe easy, however, since almost every type of law enforcement agency is adding cybercrime investigation capabilities. “Most law enforcement agencies are tooling up at an amazing rate,” said Novak. “Most law enforcement agencies are finding that there’s a cyber piece to almost every case now. For example, people who investigate homicides, traditionally they never spoke with the cyber folks. But now they find that a cellphone in their case must be analyzed, a laptop must be analyzed.”

Mar 22

How to Steer Clear From Hackers (Tips at Bottom)

Here is an article from NBC News:


On assignment: How to steer clear of cybercrime hackers

Wed Mar 21, 2012 6:14 PM EDT

By Richard Engel
NBC News Chief Foreign Correspondent

We all know the drill: Don’t open those suspicious email attachments, or oddly impersonal or out-of-character messages that seem to be from friends or your mom.

OK, but it’s hard to avoid.  We read so many emails and type and click and link and cut and paste so quickly, sometimes it just happens.

What then? What if you open a nasty email?  I’ve learned that really bad things can happen. It can wipe you out.

Before I was assigned to Wednesday night’s Rock Center story on cybercrime, I was oblivious to cybercrimes and cyber threats. My life isn’t that technical. I’m often more worried about finding gasoline for a generator than downloading the latest application. Perhaps because of my relative Internet isolation, I was shocked at how pervasive hacking has become and how rampant and insidious cybercrime can be.

To research this story, we met the top cybercrime officials at the FBI, leading computer scientists and numerous victims of hackers.

I learned the hackers are much better than I suspected.  Take the example of a malware (basically a software that’s been maliciously designed to hurt you) with the imposing name of Zeus.

Zeus gets into your computer through emails, links and attachments.  You open a link that doesn’t look suspicious, even by accident, and Zeus gets in.  The hackers who use Zeus disguise the emails as updates to software you need or fake notes from friends or family.  “Check out this new video.”  “Did you see this?” “Download the latest update for (insert your favorite software).” The email might even look like it has come from your best friend.

You can’t assume you’ll spot them all. Zeus has loaded itself onto millions of American computers. Once it’s in, Zeus watches you.  Technically, the hacker uses Zeus to watch you, but in reality the two can’t be distinguished.  Zeus watches what you type.  It copies your keystrokes, and it waits.  Zeus will baby-sit your computer until you type something really important, like the password for your bank account.  When Zeus notices that you’ve gone to your bank’s website and start typing, it gets very excited.  It alerts its boss, the hacker, that he or she might want to pay attention.  It’s like a pager service for thieves.  You type in your bank details.  Zeus copies it, then tells the hacker it’s got something good.

Did I mention Zeus is on millions of American computers?  Armed with Zeus, the hackers steal so many bank passwords that they sell them to each other on a secondary market.  You can buy bundles of personal information, which might include the password for Judy the Deadbeat who’s in debt, or Warren Buffett’s personal accountant.

With so much information, the hackers have the luxury of picking and choosing their targets.  They like small businesses.  They like small-town America. They like church groups or retirement homes or bakeries or delivery companies or any business or organization they think won’t be overly suspicious and pays its bills and salaries online, preferably through automatic payments.  They love automatic payments.

As I said, I’m not a computer expert, but after interviewing specialists and FBI officials, the best advice they gave me can be summed up in a few simple tips. But they’re only simple if you do them.


1. Have a separate computer for online banking. Buy a cheap out-of-the-box new laptop and only use it for banking.  It doesn’t have to be powerful or slick. A simple “net book” costs a couple hundred dollars.  It does have to be new to ensure it’s not already compromised.  Once you have the computer, don’t use it to surf the Internet.  Don’t load any software onto it.  Don’t send emails from it. Turn it on, do your banking, turn it off, unplug it, and put it in a drawer.  Don’t let your kids order music on it.  Think of it like a key.

2. Have different passwords and change them frequently. Your banking password should be unique.  It’s easier to rip off a password from your local gym than your bank.  If the passwords are all the same, you’re making a hacker’s job easier.

3. Another way to increase security is to cut-and-paste passwords, instead of typing them in. Some people do this to protect against keylogger programs.

4. Don’t leave the computer on all the time.  It’s like leaving a door unlocked.

5. Think before you click.  You can’t always win, but don’t blindly open attachments or links.  Do you really need to see that video?  Do you need to see it on the computer that you use to send sensitive information?  Be wary.

There are also many antivirus or protective software applications which can add an extra layer of security.

The online world has been compromised.  There are more thieves online than in your neighborhood, and they want to get into your life through your computer.

Editor’s note: Click here to watch Richard Engel’s full report, ‘Easy Money,’ from NBC’s Rock Center with Brian Williams.

Mar 13

Upcoming Conferences M&S Technologies Will Be Attending

The following are events/conferences we will be attending.

If you would like to discuss any of your security needs and/or get a security assessment, please contact us.

April 26- DIR Power to Purchase-Austin

Power to Purchase brings Department of Information Resources (DIR) contracted technology vendors together with IT and purchasing staff from state agencies, local and county government, K-12 and higher education to raise awareness about our Information and Communications Technology (ICT) Cooperative Contracts program.

Texas DIR 2012 Power to Purchase Technology Expo will be held Thursday, April 26th at the Palmer’s Event Center in Austin, Texas.

May 15- DIR ISF Conference-Austin

Information security and Internet access continue to be critical considerations among IT professionals. The focus of this year’s conference is Security Program Maturity, and topics include:

  • DIR Update
    Angel L. Cruz, CISSP, CISM, Chief Information Security Officer, State of Texas
  • Why Improve Security Program Maturity?
    Bob Smock, Security Executive, Gartner
  • Maturing Security Models / Layers of Security from Enterprise Risk Management to IT Configurations
    Tauseef Ghazi/Shawn Lafferty, Manager/Principal, KPMG LLP
  • Security Metrics
    Brian A. Engle, Chief Information Security Officer (CISO), Texas Health & Human Services Commission
  • Using Security Innovations to Improve Enterprise Security
    Jim Boxmeyer, Principal, Technology Security, AT&T
  • Cloud Services – Security, Compliance and Governance in the Cloud
    Eric Gilbreath, Director Enterprise Architecture – Networks and Security, ACS-Xerox
  • Balancing Productivity and Risk for the Unchained Workforce: The New Reality
    David O’Berry, Systems Engineer, McAfee

The conference will also feature exhibits by vendors offering products and services related to these topics.

May 15-17 Region One Conference-South Padre

The Region One ESC Technology Conference is one of the most successful conferences in the state of Texas strictly devoted to educational technology. Our conference is carefully organized where both educators and administrators find and explore new ways to help their organizations become successful in the area of educational technology. Our conference showcases some of the latest technologies in education and provides educators and administrators in the following areas of professional growth:

  • Leadership and Administration
  • Innovation – Web 2.0 Tools, Mobile Devices and Open Source Products
  • Teaching and Learning – Technology Education and Content Area Based Workshops
  • Technology Support and Management – Security, Data Management and Green Technologies

Mar 13

Application Security & Four Tips for SMBs

The article below from InformationWeek discusses 4 tips for SMBs and their application security. It’s a good quick read, and you can just skip directly to the tips below.

Strong security practices don’t have to be an all-or-nothing proposition. Sometimes, staying secure simply means you’re good at prioritizing.

That’s particularly true for application security. Not all applications are equal in terms of complexity or importance to your company. With that in mind, some small and midsize businesses (SMBs) are better suited to spend their time and money safeguarding critical applications while taking a laissez-faire approach in areas that have less at stake. In fact, acknowledging limits and working within them can become an advantage, according to George Baker, director of information security at Exostar.

“Resources–time, people, and financial–will be limited, but an SMB’s advantage in competing with larger organizations is your agility and ability to adapt,” Baker said.

Like his peer Yaron Baitch over at midmarket retailer Bob’s Stores, Baker’s 100-person firm places a heavy emphasis on security because it’s crucial to the bottom line–albeit for quite different reasons. Exostar provides enterprise application integration and collaboration services, and its customers include very large companies. A breach would be very costly both in terms of real dollars and reputation value.

Also like Baitch, Baker sees some common ground for SMBs when it comes to application security; the two recently shared a panel at RSA. For example, outsourcing certain skills or needs isn’t something to shy away from when it provides the best bang for your buck. Yet the pair calls attention to another SMB truism: No two companies are quite alike. SMBs, especially, can differ wildly in terms of security goals and needs. In a combination of phone and email interviews, Baker shared his own advice for how other SMBs can better address application security when there are many other areas competing for resources.

1. Don’t be intimidated. SMBs that approach security with a defeatist attitude are, simply put, much likelier targets for hackers and other threats. If you don’t think you can achieve real security, you won’t.

“You may feel as though you are at the base of the mountain, but just focus on taking your first step. Then, take another,” Baker said. “Before you realize it, you’ll be scaling that mountain.”

2. Build a business case. Security threats are tough enough–don’t add to the challenge by butting heads with the rest of the business. Build a solid case that stakeholders can understand and buy into; then you’ll have the backing you need to succeed.

“Map out the cost to execute your plan for the first quarter, the first year, and the next several years. At the same time, identify the cost of not securing those apps, in terms of hard (dollars lost) and soft (reputation or customers lost) dollars,” Baker said. “Make it easy for executives to weigh the go/no-go decision.”

3. Prioritize. Baker believes a good plan is comprehensive enough to secure everything over time, but pragmatic enough to allow for a reality that you might never reach that 100% bar. To do so, start with the simple recognition that some applications are more important to your business than others and make a list. Don’t be too concerned with what other companies are doing; worry about what’s actually important to your business.

“Rank all of your apps and start with those with the highest priority,” Baker said. “Priority can be a function of app importance, app vulnerability, and anticipated cost, time, and ease to secure.”

4. Start with quick wins. Sometimes, the process of ranking priorities can itself feel like more than your SMB can handle. Baker advises starting with the quick wins. Among other reasons, these give you tangible results to show executive management that security isn’t a theoretical practice. Baker’s top candidates include public-facing websites, collaboration applications (email, IM, and so forth), financial information, and any applications developed in-house.

Mar 13

Dell to Buy IT-Security Company SonicWall

Below is from the Wall Street Journal:


Dell Inc. agreed to buy information-technology security company SonicWall Inc., a deal that advances the computer maker’s development of enterprise-software offerings.

Financial terms of the deal weren’t disclosed.

Private-equity group Thoma Bravo LLC led a group that took SonicWall private in a $717 million deal in 2010. The buyout firm said Tuesday that during its ownership of SonicWall, Thoma Bravo’s operational strategies resulted “in a significant increase in SonicWall’s value.”

John Swainson, Dell’s president of the company’s software group, said in a separate release that Dell is building a software portfolio with “key assets in the fast-growing and highly profitable” IT-security business. He said SonicWall provides Dell with “unique intellectual-property resources and technology.”

Dell said SonicWall has more than 130 registered and pending patents, as well as about 950 employees and more than 300,000 customers. Its security products include firewalls, secure remote access, email protection, and backup and recovery.

The company plans to apply the best of SonicWall’s channel programs and combine it with its own PartnerDirect program. Dell’s existing PartnerDirect members will be able to sell SonicWall offerings.

Mar 08

Anonymous Strikes the Vatican Yesterday for Past Wrongs

Here is an article from today’s WSJ on the latest attacks by Anonymous. I always wonder if it really was them or just some group claiming they are a part of them.

Spain’s Panda Security and the Vatican’s official site were yesterday both attacked by malicious hackers claiming affiliation to the Anonymous collective.

The Catholic News reports on the Vatican attack:

Italian media outlets reported that the website,, became unresponsive around mid-afternoon local time, just as several other websites carried messages taking credit for the disruption in the name of the hacking group Anonymous. Email to and from the domain was reportedly also blocked for at least part of the time.

A posting on one Italian site claimed that the attack was an act of revenge for an array of outrages, including the sexual abuse of children by Catholic priests and the historic practice of selling indulgences for sins.

Jesuit Father Federico Lombardi, director of the Holy See Press Office, confirmed that had been the “object of an attack,” but said in a statement that he had no other information or comment to offer…

Last August, so-called “distributed denial-of-service” attacks on the website of the Vatican-affiliated World Youth Day in Madrid, attended by Pope Benedict XVI, came several weeks after the appearance of YouTube videos threatening such attacks in the name of Anonymous. The videos presented the attacks as punishment for clerical sex abuse and other “abominations of the Catholic Church.”

Meanwhile, 25 websites belonging to Spanish-based Panda Security went offline and were defaced with messages claiming to come from Anonymous. Emails, usernames and passwords of more than 100 staff were also posted online, according to PC Magazine.

In an official statement released Wednesday Panda Security said the hacktivists had only breached an external server storing Panda’s marketing campaigns and blogs.

“The attack did not breach Panda Security’s internal network and neither source code, update servers nor customer data was accessed,” wrote Pedro Bustamante, senior research advisor for Panda Security. “The only information accessed was related to marketing campaigns such as landing pages and some obsolete credentials, including supposed credentials for employees that have not been working at Panda for over five years.”

Panda Security has long publicly condemned LulzSec. In fact, Sophos Security’s Graham Cluley said last night’s perpetrators singled out Luis Corrons, a technical director at PandaLabs, for expressing glee over the arrests. Corrons had published a since-removed blog post asking, “Where is the lulz now?” and had also tweeted, “Lads defending freedom of speech until they don’t like what you say #sadlulz.”

Last July, Panda published a research paper describing anonymous hacking activities as ‘stupidism’ rather than ‘hacktivism.’ The author even singled out LulzSec.

Mar 08

Blog List of the Best Security Blogs (Worth a Read/Bookmarks)

Here is a list of the top bloggers and blog posts in the last year. Almost all of the top bloggers were at the RSA conference and they had a blog meetup. These are all interesting and entertaining blogs and worth a read to get some fantastic insights.

Best Corporate Security Blog:

Fortinet Security Blog

Denim Group

Trend Micro Cloud Security Blog

Veracode Security Blog

Kaspersky Lab Blog

Sophos Naked Security Blog


Best Security Podcast

Threat Post The Network Security Podcast

Eurotrash Security Podcast


Exotic Liability

The Southern Fried Security Podcast


The Most Educational Security Blog

Cognitive Dissidents

Tao Security

F-Secure blog

The New School Security Blog

AppSecInc Blog

Evil Bytes/John Sawyer


The Most Entertaining Security Blog

Rational Survivability

Andrew Hay’s Blog

Uncommon Sense Security/Jack Daniel

New School Of Information Security/Adam Shostack

Naked Security

Securosis Blog


The Blog That Best Represents The Security Industry

Krebs On Security

Uncommon Sense Security

SANS Internet Storm Center

Securosis blog


The Single Best Blog Post or Podcast Of The Year

Martin McKeay, Curing the Credit Card Cancer

Veracode Blog

Moxie Marlinspike’s ThoughtCrime Labs

Idoneous Security

Mar 07

Credit Card Fraud (Video on How to do it)

Every day we are seeing more and more stories about credit card fraud. It is important to be on the lookout, especially with all the phony card readers that are out there. These often show up at gas station pumps and have been found at major retailers as well.

Here are a couple stories

1) This story was in the Montgomery News:

The investigating officers were informed the two were making purchases by paying for items one at a time and asking the cashier to ring up each item separately. “The two would pay for those items with a debit/credit card, put it aside, then have the next item rung up,” Albany’s release said.

They were purchasing cigarettes and gift cards, according to Albany.

The two were allegedly seen at several different Wawa stores prior to the report from Sunoco and the stores were reporting that the credit/debit cards presented were coming up “invalid” or were being approved.

Further, information other than the account numbers displayed on the cards was being displayed on the computers and receipts at the store, according to Albany.

“It appeared that the cards were fraudulent as the cards were coded with other people’s information,” Albany’s release stated.

2) Watch this video on how easy it is to steal your information. Be on the watch!


Mar 07

Five Ways to Keep Your Information Secure

Here are five ways to keep your information secure.

1.      Use drive encryption wherever possible – By using encryption on all drives that are not physically secured, the loss of a device becomes a cost-of-replacement issue and not a data-breach issue.  Many paid and free options are available in this space.

2.      Avoid sharing sensitive data over insecure media – People use e-mail for many things, but transfer of secure data should not be one of them (unless an adequate encryption technique is used).  The same goes for unencrypted backups, etc.  If the data is secure, it must be treated as such over all transport paths.

3.      Ensure that all systems remain reasonably current on patch levels – By keeping up with security patches from the vendors of software used on a system (ALL SOFTWARE USED, not just OS), the overall security of the system can be increased, and therefore the data which resides on it can be kept more secure.

4.      Be cautious about communications received from others – Clicking on a link in an e-mail from one’s mother may seem like the “nice” thing to do, but if anything looks suspect about the message, the link, etc. it would be a good time to verify the information before clicking on the link.  Also phone calls from “the helpdesk” asking for your password should raise an eyebrow at the least, and generally warrant a callback to the actual helpdesk number.

5.      Be cautious about what you post to social media sites – Many people adopt a fairly haphazard approach to their information privacy with respect to social-media sites.  Oftentimes the best approach is to treat such sites as a completely public forum, and to avoid posting anything you would not want EVERYONE to know.  It can be difficult to near-impossible to retract information once it has entered the public domain.